18 Dec, 2025

Google’s Project Zero security team has disclosed details of a security vulnerability in Windows 11, stating that Microsoft has failed to fully address the issue.

The flaw is an Elevation of Privilege (EoP) vulnerability discovered in preview builds of Windows 11 available to Insider program participants.

Researcher James Forshaw said the issue is linked to a new Administrator Protection feature that is still under development. The feature is designed to elevate privileges only when necessary, using Windows Hello and an isolated administrative token. However, Forshaw found that a low-privileged process can intercept access to the user interface and obtain administrator-level permissions.

Microsoft was privately notified of the issue on August 8. The company released a patch on November 12 and assigned the vulnerability the identifier CVE-2025-60718, but according to the researcher, the fix is incomplete and does not fully resolve the flaw. With no further response from Microsoft, the details were made public.

The vulnerability is not considered critical. It requires local access to the device, and the Administrator Protection feature is available only in certain Insider builds and must be enabled manually.